Project to explore clustering of malware using their Resources (Files Fingering, Register Fingering, and Mutex Usage) which will evolve into process modeling and clustering on process model.
Current iteration uses File fingering exclusively to explore similiarties in current real malware iterations and how they differ from percieved innocuous files.
#Current Limitations: Limited to N-Version Virus scanning for labeling. Malware scanners are input a file and any scanner that finishes within a threshold will return clean or the presumed label.
Resource Fingering built upon a https://www.cuckoosandbox.org/ for extracting resource utilization.
2000 Malware Samples with Files and Folders Fingered.